You are here

Security Center

Educate yourself!

While technology has made many things easier, it also creates opportunities for criminals to steal your personal and financial information. Explore and learn more to better protect yourself and your information!

Online Banking Security

Details

Online banking lets you access your bank account information from your computer when it is most convenient for you. While technology adds flexibility, it also adds risk. To keep your information secure while using BankStar Financial’s online banking service, follow these helpful hints and be aware of security measures you should take.

Types of online banking fraud:

Malware is a program or software that intentionally harms your computer. Viruses are spyware and types of malware and they are typically installed without your knowledge or consent. With malware, hackers can steal your information or take control of your computer remotely.

Phishing (pronounced “fishing”) is a scam where criminals use fake emails, texts, or instant messages to obtain your personal or financial information. The contact may appear to be from your financial institution or another service provider and usually has a company’s name and logo, and a link instructing you to go to their website and update your information. Many times the messages will describe an urgent reason you must “resubmit” or “verify” your information. Never give your personal information out via email or online unless you initiate the contact, and even then, be very cautious.

Tips to keep your information secure online:

Only do business with financial institutions and online merchants you know and trust.

Watch out for imposter sites that may try to look like your financial institution. Be sure you are using the correct web address. (www.ebankstar.bank).

Reputable financial institutions will not ask you to verify or update any personal information online or via email. Call your bank if you receive any suspicious requests.

Only download programs or email attachments from known, reliable sources. If you think a request looks suspicious, don't click on it or open it. Even if you know the sender, it is possible they have been hacked too.

Use public computers with caution. Online banking and other personal business should be done on a home or private computer when possible.

Similarly, be aware of public wireless networks you may be connected to. Avoid entering personal information and passwords if you are not sure the network is secure. Also be sure your home wireless network is password protected or anyone within range could access your connection.

Always logout completely when you are finished using the online banking site.

Password Tips:

Never use your social security number as your username or password.

Change your passwords frequently.

Use a combination of upper and lowercase letters, numbers, and special characters when allowed.

Do not use the same password on for multiple sites.

Do not write your password down or share your password with anyone.

BankStar Online Banking passwords are case sensitive, will expire every 275 days and must be at least 8 characters long (6 alpha characters, 1 numeric, and 1 special character - ?,!,$). You will be prompted with a reminder 45 days before your password will expire.

If you ever feel your login information has been compromised, call BankStar Financial as soon as possible to have your information reset.

Mobile Security

Details

Smart phones offer added convenience, but they are still susceptible to fraud just like your home computer. They are also easy to lose or steal, which can put your information at risk. BankStar Financial’s mobile banking app is a great tool to utilize while you are on the go and it is perfectly secure provided you take security precautions.

Be aware of the following types of mobile fraud:

Rogue Mobile Banking Apps are malicious apps that are set up by criminals to look just like your financial institution's mobile banking app. It may look very similar and once you download the fraudulent app, if could implant a Trojan virus on your phone and steal your online banking username and password. Only download the BankStar Financial app from trusted sources like the Apple App Store or the Google Play Store. The app is free.

Mobile Malware is just like computer malware. It is a type of software that is installed on your smart phone through malicious apps or other downloads. Criminals use mobile malware to steal your personal information and other data stored on your phone, often before you realize the potential threat. Another way malware can be downloaded onto your smart phone is through unsecure Wi-Fi networks and Bluetooth. Your smart phone might automatically connect to a local network making it easier for a criminal to download malware to your phone without your knowledge or consent. Do not allow your phone to automatically connect to Wi-Fi. Only use Wi-Fi networks and Bluetooth connections that you know are secure.

SMiShing is a form of fraud where criminals contact you via cell phone messages to try to get you to divulge your personal information. Criminals may pretend to be your financial institution and use SMS (Short Message Service, a type of text message) in an attempt to gain access to confidential account information. A common scam states that your account or ATM/Check Card or Credit Card has been compromised. The victim is told to call a number or visit a website to resolve the issue. Once the victim calls or goes to the website, they are asked to re-enter or confirm their card number, account number, and/or PIN.

If you use your smart phone for online banking and other personal business, be sure you:

Password-protect your device so only you can access it.

Keep a record of the device's make, model and serial number in case it is stolen.

Never store personal information (passwords, PIN, account numbers, social security number) in your phone and never send any of that information via text message to anyone.

Beware of anything you download to your phone, especially apps. Only use reputable markets, like the store built into your device.

Consider adding antivirus software to your smart phone.

Set your phone to ask you before connecting to local Wi-Fi. Connecting to unsecure public networks makes your smart phone easier to hack.

Links in emails, social network postings, and text messages are often ways cybercriminals disperse their malware. If it looks suspicious, even if you know the sender, it is best to delete it or call the sender to validate the message.

When in doubt, don not respond. Fraudulent calls, voicemails, and texts are on the rise and are almost always a scam, especially if they say you must take immediate action.

BankStar Financial will never ask you to confirm any of your information by email or text.
Please contact us to report suspicious activity or attempted fraud.

Observe the ATM surroundings before approaching a walk-up ATM. If anyone or anything appears to be suspicious, cancel your transaction and leave the area at once.

Minimize time spent at the ATM by having your card out and ready to use. Do not let anyone see how much money you withdrew, and never count your money at the ATM.

Never allow a stranger to assist you in conducting an ATM transaction, even if you have trouble or if your card is stuck.

Use your body as a shield to block the ATM from anyone waiting to use the terminal so that others cannot see your PIN or transaction amount.

Before lowering your window to use a drive-up ATM, observe the entire surrounding area. If anyone or anything appears to be suspicious, cancel your transaction and drive away at once.

If anyone follows you after you have completed your ATM transaction, go immediately to a crowded, well-lit area and call the police.

When paying at Point of Sale (POS) Terminals:

Never allow the cashier or anyone else to enter your PIN for you, even if they are assisting you with the transaction.

Block the view of others when using a POS terminal.

Make sure the transaction is complete and you have received a receipt before leaving.

Email Security

Details

There are very few of us who have never received unsolicited offers through email, better known as SPAM. For criminals, the objective of spamming is to gather personal information that can be used to steal your money and/or your identity. Criminals may also send you attachments and links that will lead you to spoof sites or cause you to inadvertently download harmful software to your computer.

Signs of fraudulent email:

Requests for specific personal information

Urgency – often threatening to close your account

Offers of money in exchange for personal information through a survey or other method

Typos and poor grammar

Tips to protect yourself:

If an email offer sounds too good to be true, it probably is.

Remember that email is not secure. Never send your personal financial information, like account numbers or your Social Security number, by email.

Do not open email attachments from senders you do not know and trust. Even if you do recognize the sender, be cautious. Malicious attachments can contain viruses and compromise your computer.

Do not click on links in suspicious or unsolicited emails. Emails that request you confirm or resubmit your information are usually fraudulent.

Use your emails filtering software to screen for SPAM emails and delete any suspicious emails right away. Sometimes simply opening an email is enough to compromise your security.

Identity Theft

Details

What is identity theft?

Identity theft occurs when someone uses your personal information, such as your name, address, Social Security number, bank account numbers, ATM/Check Card, or Credit Card number, without your permission, to commit fraud or other crimes. This type of fraud can take many forms. Identity thieves might lease an apartment or car, obtain a new credit card, or establish a telephone account in your name. Unfortunately, victims often do not find out about the theft until they see charges they did not make on their credit card or accounts they did not set up on their credit report. In worse cases, victims begin are contacted by debt collectors for purchases they did not make.

How do thieves steal my identity?

There are several methods criminals use to steal your information, and many are very low-tech. Even if you never use online banking or make purchases online, your identity can still be stolen.

Create complex passwords for all accounts you access online, such as online banking.

Make copies of the front and back of all important cards and documents you carry with you. Store these in a secure location, such as a fireproof safe or safe deposit box so they are readily available if your wallet or purse is lost or stolen.

Keep your contact information up-to-date with your financial institution so we can contact you if we suspect any fraudulent activity.

Keep your home computer up-to-date and virus free.

Always log completely out of online banking when you are finished. Do not rely on the time-out feature.

Avoid using public or shared computers for personal business or financial transactions. Also beware of public Wi-Fi connections, which may not be secure.

Use the same caution with Wi-Fi connections when using mobile banking on your smart phone.

Opt out of traditional statements.

By signing up for eStatements, you eliminate the paper statement sitting in your mailbox where fraudsters could steal them and potentially steal your identity.

eStatements are accessed through our secure online banking site and you are notified by email when your statement is ready for you to access it.

Pay your bills online.

No need to write out paper checks that could be intercepted or lost in the mail. You can pay virtually any bill, to anyone, online.

MOST IMPORTANTLY, monitor your credit report regularly. The Fair and Accurate Credit Transactions Act of 2003 (FACTA) allows consumers the right to obtain one free copy of their credit report from each of the three major credit bureaus every 12 months. Click on the link for more information what to look for, and who to contact if you believe your identity has been stolen.

Be aware of websites that require a credit card to obtain your free credit report. They may not charge you initially, but they might later.

What should I do if my identity is stolen?

Contact the fraud departments of the three major credit bureaus and request that a fraud alert be placed on your credit file. This will alert creditors to contact you before opening any new accounts or making changes on your existing accounts.

If you suspect your Social Security number has been compromised, contact your local Social Security Office.

File a complaint with the Federal Trade Commission at www.ftc.gov or by calling 1.877.438.4338. They maintain a database of identity theft cases used by law enforcement for investigations, and can advise you on your next steps.

Elder and Dependent Adult Financial Fraud

Details

Cases of elder and dependent adult financial fraud are unfortunately projected to grow as the Baby Boomers age. We can help you understand how to stay more safe by taking preventive measures and to help you recognize when someone is targeting you.

New Acquaintances

It is a sad reality, but you must be aware of new friends and acquaintances you meet and how they came into your life. Be aware of people who may befriend you in order to gain your trust and then take advantage of you. Where is your new acquaintance from? What do they do for work? Do you know any of their family or close friends?

Many times, these fraudsters are very friendly and seem trustworthy. Sometimes they are TOO friendly. They may offer to help you with tasks such as grocery shopping or a trip to the bank, seemingly out of the goodness of their heart. But their motive may be to gain access to your checkbook or account numbers, without your knowledge or permission.

These crooks try to make you reliant on them so they can take further advantage of you. They may intimidate you by saying they will stop helping you, or worse, threaten to hurt you. Be cautious of new acquaintances and ask yourself what they are getting out of your friendship? A relationship where you depend on this person should be avoided. Discourage these situations by having a thorough financial plan in place. Many of us will reach a point where we need physical assistance on a daily basis and it is best to have an arrangement in place for when that time comes.

Friends and Family

Unfortunately, many elder and dependent adult financial fraud cases involve close friends and family members. Anticipate your needs, physical and financial, and plan ahead. When a family member has the legal authority to make decisions for you, financial or otherwise, sometimes they abuse that right. Be sure to have multiple people involved with your financial planning.

It may be wise to consult with an attorney if you have questions or need help handling your financial affairs. They can assist you in setting up a trust or taking other actions to protect yourself and your assets. An attorney can also help you execute a Power of Attorney. Choose someone you know well and trust, maybe a family member, a friend, or an attorney. Be sure to give your financial institution a copy of your Power of Attorney papers and notify them if you make changes to it.

If you request assistance from your family or friends, ask for help from more than one person, to ensure you get an objective view. You may also ask a representative at your local financial institution if you have further questions.

Lastly, be careful what you sign. Sign your own checks and do not give blank checks to anyone. When someone requests your signature, read the fine print and ask questions. Ask your attorney to verify anything you are unsure of. Always have a written agreement when signing over money or property and have those agreements reviewed by your attorney. Make sure people you trust are aware of your financial instructions and keep them in a safe place.

Service Providers, Merchants, Landlords and Others

Sadly, sometimes people or companies try to cheat senior citizens by charging them higher prices for goods and services and or even billing them for things they never requested. A contractor may charge more than they quoted after they have begun the work. Landlords could raise your rent illegally or without following procedure. They do this because they think senior citizens or dependent adults are too naïve to notice or that they will not complain if they do. They take advantage of you because they think they can get away with it.

It is your responsibility to educate yourself on the different types of fraud and scams going around. This may seem daunting as the fraudsters are always coming up with something new but you must be at least somewhat aware of the red flags. Read through the other topics in this Security Center section and familiarize yourself with some of the common tactics criminals use to steal your identity.

Always read agreements and contracts carefully before signing them. It is usually best to just say no to people trying to sell you unsolicited services, especially if they are on your doorstep or want you to pay right away. If you don’t have time to thoroughly verify the service, or you are unsure of the terms, it is smart to decline. Place your home and cell phone numbers on the Do Not Call Registry to eliminate some of the hassle.

If any of your service providers increase fees, charges, or rent, get an explanation in writing. Sometimes just questioning them is enough to discourage them from trying to defraud you.

If You Suspect Elder and Dependent Adult Financial Fraud...

Victims of this type of fraud sometimes do not report it because they feel embarrassed or betrayed. They may feel foolish that they allowed a family member to take advantage of them or they may fear what that family member will do if the fraud is reported. Other times they may not want to tell their family they were duped into a bad business transaction. No matter what the situation is, you have the right to defend yourself. Fraud needs to be reported.

Helpful Tips:

If you feel you or someone you know is in physical danger, call your local police department and/or adult protective services.

If you find unauthorized financial activity on your accounts, or believe someone is abusing the authority they have on your accounts, contact your financial institution right away.

If you are unsure about activity on your accounts, call your financial institution to verify transactions. We are happy to help.

Keep copies of legal documents that specify who has authorization to access your accounts and to what extent. If you believe your accounts are not being handled as specified by these documents, contact your financial institution and provide them with the proper documents.

Elder and Dependent Adult Financial Fraud Contacts

Adult Protective Services

APS agencies offer services to elderly or dependent adults, regardless of income. To find your local office and for more information, visit the National Adult Protective Services Association at the website below.www.napsa-now.org/get-help/help-in-your-area

Police or Sherriff's Department

In an emergency, dial 911 regardless of your location.

Federal Trade Commission (FTC)

The FTC has information and resources specific to seniors, as well as a fraud reporting system. The FTC also manages the Do Not Call Registry. You may write them at the address below or click the link to visit their website.

Other Scams and Fraud

Criminals come up with new scams and new ways to commit fraud every day. However, there are some old schemes that sound so convincing that people still easily fall for them.

Basic Rules to Remember:

Use common sense. If it sounds too good to be true, it probably is.

Never give personal information to a stranger who contacts you, whether by phone, email or other means.

You are responsible and liable for items you cash or deposit into your account.

No matter how urgent someone claims a deal or job offer is, you should research and confirm its legitimacy.

Watch Out For:

New accounts or credit cards you did not apply for.

Debits on your account you cannot explain.

Inaccurate information on your credit reports. Click on the link for information on how to request your credit report, what to look for, and who to contact if you believe your identity has been stolen.

Missing bills or other mail, indicating your account information may have been stolen.

Receiving calls or letters from debt collectors for things you did not buy.

Familiarize yourself with the following scam scenarios:

These scams all can sound credible at first, but when strangers start asking you for your personal information or to deposit checks or wire them money, it is usually a scam. Contact a BankStar Financial Associate with any questions or to report fraud or potential fraud.

Money Mule/Online Job Scam

Criminals often target unsuspecting victims to be middlemen to launder stolen money or merchandise for them. The victims are unaware that the funds or merchandise are stolen and are persuaded to transfer the funds or goods for the criminal. They sometimes lure their victims by promising lucrative job opportunities that will allow you to work from home.

These scams often start when a victim responds to a job posting, often on a reputable online job site, for a “payment processing agent”, a “money transfer agent”, or some similar title. The criminal will then send the stolen funds or goods to the money mule and ask them to wire or transfer some or all of the money to another account for the criminal, masking their identity and the source of the funds. In other cases, the “employer” may ask you to receive deposits into your personal existing accounts (or create new accounts) and then make transfers to other accounts, often overseas.

The victim may think this is a legitimate job as they are paid a “commission” for each transaction they perform. The money mule may not know they are part of a scam until their bank contacts them regarding suspicious transactions. Often the bank will close their accounts and they can be held responsible for the stolen funds.

Be aware of foreign companies or “employers” requesting “money transfer agents” in the United States. Be cautious of an employer offering you a job without an interview and do not provide your Social Security number or other sensitive information unless you can verify their identity and legitimacy. Never open a new bank account to receive or transfer money from someone you do not know. If someone asks you to deposit money for them and then transfer it somewhere else, it is not a job. It is fraud. Never wire funds, make transfers, or send or receive packages for people or companies you do not know, even if they offer to give you a commission. This is likely fraud and you should report it to police.

Nigerian Letter Scam

Most of us have probably heard this one and it is so far-fetched that it is hard to believe people are still duped into it. This scam usually starts with the victim receiving an unsolicited letter from someone claiming to be a high-ranking government official or even royalty from Nigeria or another foreign nation.

The sender will offer you a large sum of money as a reward for your help transferring money into foreign bank accounts. They may ask you for your account numbers and bank information to send you further instructions or to deposit funds to your account.

These get-rich-quick schemes often involve complex transfers of funds and sending money overseas. The crooks usually send you funds that they want you to send somewhere else, or use the account information you provided them to defraud your account. It is extremely unlikely that the criminals will come through with the reward or commission they promised you and even if they do, the transaction is probably illegal. Do not risk your money, identity, or good standing.

Lottery or Sweepstakes Scam

Lottery and sweepstakes scams are becoming more prevalent. The instigators use multiple contact methods (phone, email, direct mail) to con US citizens into thinking they have won a foreign lottery prize. The particular details can vary by scam. For instance, the name of the lottery, the sponsoring country or group, and the prize money will change frequently. They try to validate their ruse by referring to actual financial institutions or companies or claiming an affiliation with a true government agency.

The scam is usually initiated with a notification that you have won a lottery or sweepstakes that you didn’t even enter. You may be asked to supply your bank account information, personal information, copies of your driver's license or passport, etc. to "verify your identity"; in other words, so the criminal can steal your identity.

For some scammers, your identity is all they are after. However, many crooks take this scam a step further. They claim you must first pay a small percentage for “taxes” or some other fee, and then you will receive your winnings. Usually you will be instructed to wire the fees through Western Union or a similar service. Once you send them those funds, they will either continue to ask you for more or simply move on. The “lottery winnings” are never sent to the victim.

Real and legitimate lotteries and sweepstakes will never require you to pay taxes in advance to receive your winnings. Be aware of emails or letters that declare you have won money, especially if you have never entered a contest. Never give anyone your personal or financial information, no matter what they claim. Participating in foreign lotteries is illegal.

Overpayment/Counterfeit Check Scam

This type of scam begins with someone responding to a real ad that you posted. They offer to buy the item you are selling and pay with a cashier's check, money order, or the like.

Someone responds to your posting or ad, and offers to use a cashier's check, personal check or corporate check to pay for the item you're selling. They will then come up with an excuse to make the check for more than the asking price, and ask you to wire them back the difference after you deposit their check. After you deposit the check and wire the excess funds back to the "buyer", you find out the check has bounced. You are now liable to your bank for the entire amount.

These scams are frequently internet-based, stemming from a post you made on eBay or Craigslist for example, but they can also happen with phone transactions. Cashier’s checks and money orders may seem more secure for you as the seller but they are usually counterfeit. Scammers send monetary instruments that look legitimate, contain watermarks and other security features, and may be indistinguishable from the real thing. However, a check made for more than the purchase price is a red flag.

You must know who you are dealing with and confirm the buyer’s name, physical address, and telephone number. Never accept a check for more than your selling price, from anyone, no matter how tempting. If a buyer requests you wire funds back to them, terminate the transaction and report it to police.